diff --git a/package.json b/package.json index 6e8686e2..78b12e50 100644 --- a/package.json +++ b/package.json @@ -64,6 +64,7 @@ "chai": "^3.5.0", "es5-shim": "^4.1.0", "eslint-config-loopback": "^1.0.0", + "express-session": "^1.14.0", "grunt": "^1.0.1", "grunt-browserify": "^5.0.0", "grunt-cli": "^1.2.0", diff --git a/server/middleware/token.js b/server/middleware/token.js index 21e3b5ca..2ceb701d 100644 --- a/server/middleware/token.js +++ b/server/middleware/token.js @@ -125,7 +125,7 @@ function token(options) { req.accessToken = token || null; rewriteUserLiteral(req, currentUserLiteral); var ctx = req.loopbackContext; - if (ctx) ctx.set('accessToken', token); + if (ctx && ctx.active) ctx.set('accessToken', token); next(err); }); }; diff --git a/test/access-token.test.js b/test/access-token.test.js index aec2b86a..917994da 100644 --- a/test/access-token.test.js +++ b/test/access-token.test.js @@ -6,6 +6,8 @@ var cookieParser = require('cookie-parser'); var loopback = require('../'); var extend = require('util')._extend; +var session = require('express-session'); + var Token = loopback.AccessToken.extend('MyToken'); var ds = loopback.createDataSource({connector: loopback.Memory}); Token.attachTo(ds); @@ -507,6 +509,29 @@ describe('app.enableAuth()', function() { done(); }); }); + + // See https://github.com/strongloop/loopback-context/issues/6 + it('checks whether context is active', function(done) { + var app = loopback(); + + app.enableAuth(); + app.use(loopback.context()); + app.use(session({ + secret: 'kitty', + saveUninitialized: true, + resave: true + })); + app.use(loopback.token({ model: Token })); + app.get('/', function(req, res) { res.send('OK'); }); + app.use(loopback.rest()); + + request(app) + .get('/') + .set('authorization', this.token.id) + .set('cookie', 'connect.sid=s%3AFTyno9_MbGTJuOwdh9bxsYCVxlhlulTZ.PZvp85jzLXZBCBkhCsSfuUjhij%2Fb0B1K2RYZdxSQU0c') + .expect(200, 'OK') + .end(done); + }); }); function createTestingToken(done) {